//package com.cd826dong.clouddemo.security;
//
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.http.HttpMethod;
//import org.springframework.security.authentication.AuthenticationManager;
//import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
//import org.springframework.security.core.userdetails.UserDetailsService;
//
//@Configuration
//public class SecurityConfig extends WebSecurityConfigurerAdapter {
//
//    @Bean
//    @Override
//    public UserDetailsService userDetailsServiceBean() throws Exception {
//        return super.userDetailsServiceBean();
//    }
//
//    @Bean
//    @Override
//    public AuthenticationManager  authenticationManagerBean() throws Exception {
//        return super.authenticationManagerBean();
//    }
//
//    @Override
//    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//        auth.inMemoryAuthentication()
//                .withUser("zhangsan").password("password").roles("USER")
//                .and()
//                .withUser("superAdmin").password("superPwd").roles("USER", "ADMIN");
//    }
//
//    @Override
//    protected void configure(HttpSecurity http) throws Exception {
//        // 这里需要将csrf禁用， 否则会报不能跨域访问的错误
//        //amdin权限才能访问这个路径,/product/**
//        http.csrf().disable();
//        http.authorizeRequests()
//                .antMatchers(HttpMethod.GET, "/product/**")
//                .hasRole("ADMIN")
//                .anyRequest()
//                .authenticated()
//                .and()// 这里需要支持httpBasic的验证， 否则通过Postman无法提交认证用户信息
//                .httpBasic();
//    }
//}
